Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FUYU/vQ_kFPgKfrUP5A90iRzbvSQEUrk.roa
File: vQ_kFPgKfrUP5A90iRzbvSQEUrk.roa (raw, json)
Hash identifier: VNRGehmld6eeJFCSxGzfW8/gGVy4KiBmLcmAKf4Wit4=
Subject key identifier: BD:0F:E4:14:F8:0A:7E:B5:0F:E4:0F:74:89:1C:DB:BD:24:04:52:B9
Certificate issuer: /CN=DE872BAD262D18F0A6749E0272D975261D949EC3
Certificate serial: EB
Authority key identifier: DE:87:2B:AD:26:2D:18:F0:A6:74:9E:02:72:D9:75:26:1D:94:9E:C3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/3ocrrSYtGPCmdJ4Cctl1Jh2UnsM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FUYU/vQ_kFPgKfrUP5A90iRzbvSQEUrk.roa
Signing time: Fri 07 Feb 2025 15:40:00 +0000
ROA not before: Fri 07 Feb 2025 15:40:00 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 150771
IP address blocks: 157.20.68.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 20:34:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 235 (0xeb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DE872BAD262D18F0A6749E0272D975261D949EC3
Validity
Not Before: Feb 7 15:40:00 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=BD0FE414F80A7EB50FE40F74891CDBBD240452B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6d:6b:73:43:ad:05:87:8f:4c:37:c8:90:79:
c9:61:79:d5:e7:bb:d1:cc:cc:54:70:59:fc:30:b3:
f3:4d:b6:a9:21:18:4b:39:d0:42:40:89:d6:23:7e:
01:0d:de:80:56:83:2c:d8:e4:de:80:45:25:16:2b:
be:d8:f1:1f:30:1b:d5:c8:26:d5:b6:24:25:d9:b0:
dc:7a:21:fe:a0:a6:cd:8b:90:d0:8c:58:ec:98:cf:
70:2f:fa:98:a4:e4:f6:44:0b:fe:90:bc:52:8b:38:
bd:a2:ae:3b:f4:39:72:80:b2:b5:6c:7c:2f:d9:bb:
7f:f8:88:44:7d:33:d9:2f:04:00:3d:d5:fb:6f:da:
47:ed:49:1d:d3:52:45:14:5e:79:55:08:ce:e1:b6:
c7:e7:3f:4f:d5:d9:6a:d9:02:54:e2:1e:86:ae:28:
ca:1d:d8:1e:87:5e:97:de:75:1f:bb:93:68:fb:9a:
ec:78:4e:b7:6a:c1:3a:25:98:c3:99:16:4b:16:69:
26:9e:36:a8:f4:88:0c:d7:97:c9:9e:48:49:a4:65:
d9:8f:ac:be:d6:f6:d8:0b:3f:1f:d2:9b:26:43:92:
63:c7:fb:19:d2:2f:17:8b:ba:22:65:ea:84:b3:05:
14:9c:8a:a3:c7:fa:48:32:d6:91:6d:f2:06:0e:ef:
33:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:0F:E4:14:F8:0A:7E:B5:0F:E4:0F:74:89:1C:DB:BD:24:04:52:B9
X509v3 Authority Key Identifier:
keyid:DE:87:2B:AD:26:2D:18:F0:A6:74:9E:02:72:D9:75:26:1D:94:9E:C3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FUYU/3ocrrSYtGPCmdJ4Cctl1Jh2UnsM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/3ocrrSYtGPCmdJ4Cctl1Jh2UnsM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FUYU/vQ_kFPgKfrUP5A90iRzbvSQEUrk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.68.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:cd:aa:71:fa:79:cc:f8:ea:9d:6f:f2:44:75:35:32:1d:f1:
36:a6:b9:a1:6b:7c:63:5b:1d:7e:0a:04:52:18:aa:ec:b5:55:
be:f9:1c:7a:1e:c4:9a:92:cf:80:5e:db:cf:90:c1:cb:9d:63:
7a:93:a2:30:0f:f9:e7:83:c2:2f:bc:85:50:33:8b:d2:99:cd:
63:54:d7:ff:93:fc:e1:05:b4:7b:a7:6a:41:e9:b7:66:e1:5d:
41:a8:0a:76:c3:0a:0d:5b:05:63:24:c1:7f:97:e6:71:cb:3a:
b4:cd:72:99:5c:a7:8a:73:51:c4:56:67:b6:f3:a3:ef:dc:ba:
ee:90:61:52:f8:c0:e5:4e:47:ce:97:ca:92:88:fc:5d:6c:d3:
b1:15:33:e7:6d:c1:c5:d8:63:bc:e7:c8:0f:f7:db:9d:39:5b:
4b:79:56:95:ec:fa:09:44:5a:a1:28:b5:78:bb:cb:4f:59:c3:
22:5d:67:9d:c9:5a:28:e1:22:d2:09:30:97:e8:6b:5d:d9:2b:
49:e4:3f:6e:e3:56:f8:ab:5a:25:d6:10:d2:e5:f9:ef:cd:55:
20:28:37:97:4b:28:6b:98:b0:ef:86:a5:fb:28:4f:38:f8:27:
5f:fe:cb:a9:a8:28:71:2f:c3:93:4a:ae:51:c5:5c:4d:f7:c3:
13:66:2f:f1
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICAOswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREU4
NzJCQUQyNjJEMThGMEE2NzQ5RTAyNzJEOTc1MjYxRDk0OUVDMzAeFw0yNTAyMDcx
NTQwMDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEJEMEZFNDE0RjgwQTdF
QjUwRkU0MEY3NDg5MUNEQkJEMjQwNDUyQjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsbWtzQ60Fh49MN8iQeclhedXnu9HMzFRwWfwws/NNtqkhGEs5
0EJAidYjfgEN3oBWgyzY5N6ARSUWK77Y8R8wG9XIJtW2JCXZsNx6If6gps2LkNCM
WOyYz3Av+pik5PZEC/6QvFKLOL2irjv0OXKAsrVsfC/Zu3/4iER9M9kvBAA91ftv
2kftSR3TUkUUXnlVCM7htsfnP0/V2WrZAlTiHoauKMod2B6HXpfedR+7k2j7mux4
TrdqwTolmMOZFksWaSaeNqj0iAzXl8meSEmkZdmPrL7W9tgLPx/SmyZDkmPH+xnS
LxeLuiJl6oSzBRSciqPH+kgy1pFt8gYO7zMdAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUvQ/kFPgKfrUP5A90iRzbvSQEUrkwHwYDVR0jBBgwFoAU3ocrrSYtGPCmdJ4C
ctl1Jh2UnsMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRlVZVS8z
b2NyclNZdEdQQ21kSjRDY3RsMUpoMlVuc00uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
LzNvY3JyU1l0R1BDbWRKNENjdGwxSmgyVW5zTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0ZVWVUvdlFfa0ZQZ0tmclVQNUE5MGlSemJ2
U1FFVXJrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAZ0URDAN
BgkqhkiG9w0BAQsFAAOCAQEADs2qcfp5zPjqnW/yRHU1Mh3xNqa5oWt8Y1sdfgoE
Uhiq7LVVvvkceh7EmpLPgF7bz5DBy51jepOiMA/554PCL7yFUDOL0pnNY1TX/5P8
4QW0e6dqQem3ZuFdQagKdsMKDVsFYyTBf5fmccs6tM1ymVyninNRxFZntvOj79y6
7pBhUvjA5U5HzpfKkoj8XWzTsRUz523BxdhjvOfID/fbnTlbS3lWlez6CURaoSi1
eLvLT1nDIl1nnclaKOEi0gkwl+hrXdkrSeQ/buNW+KtaJdYQ0uX5781VICg3l0so
a5iw74al+yhPOPgnX/7LqagocS/Dk0quUcVcTffDE2Yv8Q==
-----END CERTIFICATE-----
Generated at Tue Feb 11 03:42:44 2025 by rpki-client on console.sobornost.net